AARO ERP MCP Server

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden. It discloses key behavioral traits: opens a browser, waits for user password input, and extracts token from '#anahtar' element. However, it doesn't cover important aspects like error handling, timeout behavior, what happens if password is wrong, or whether this creates persistent sessions. The description is informative but incomplete for a security-sensitive operation.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is appropriately concise with two sentences that efficiently cover the core functionality and authentication mechanism. It's front-loaded with the main purpose. There's minimal waste, though it could be slightly more structured by separating the authentication steps more clearly.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

For a token acquisition tool with no annotations and no output schema, the description provides adequate context about the authentication process but lacks details on return values, error conditions, and security implications. It covers the 'how' (browser interaction) but not the 'what next' (token usage, expiration). Given the complexity of authentication flows, more completeness would be expected.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The description doesn't explicitly mention the 'password' parameter, but with 100% schema description coverage (the schema fully documents the single optional parameter), the baseline is 3. The description adds context about the authentication flow (browser interaction, manual entry fallback) which enhances understanding beyond the schema's technical specification, justifying a score above baseline.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'ERP sisteminden geçici erişim anahtarı (token) alır' (gets a temporary access token from the ERP system). It specifies the verb 'alır' (gets) and resource 'token', but doesn't explicitly differentiate from sibling 'erp_token_manuel_ekle' (manual token add) or 'erp_token_sil' (token delete), which would be needed for a perfect score.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description mentions the tool opens a browser and waits for password entry, implying it's for authentication scenarios. However, it provides no explicit guidance on when to use this versus alternatives like 'erp_token_manuel_ekle' (manual token add) or when not to use it. No prerequisites or comparison to siblings is included.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.